About TNW

TNW Sites

The car industry needs to embrace open source

The race to develop software for the connected car market is heating up as consumers expect their vehicles to give them the same experience and ease of use that they have come to know with their smartphones.

The 2017 Autotrader Car Impact Study found that 53 percent of consumers expect their vehicles to offer the same level of technology as their phones, keeping them connected on the move.

Unfortunately, far too many of the automotive manufacturers and the other companies that are developing products for the connected car market are stuck in neutral, unable to produce software at a pace to stay competitive with smartphone level technology.

While the eventual goal for many of the companies in this space is aimed at coming out with the first road-ready autonomous vehicle, most of the current attention is geared towards writing code for infotainment systems, the combination of interfaces that provide services like navigation and streaming music or video to make those long commutes a little bit more bearable.

The first problem that the industry is facing now is that the products that they are coming to market with are generally pretty clunky to say the least, and are hardly up to the level of Apple CarPlay or Android Auto. The second and even more stifling issue is that these products take a very long time to make it out to consumers, averaging a 36-39 month release schedule.

In 2017, a report from Visual Capitalist showed that software for the automotive market contains upwards of 100 million lines of code. To give some perspective, only Google, with all of their services, was said to have more code in their products.

If the automotive market wants to stay ahead of these software giants, who may have their own ambitions of breaking into the car making game, they need a secret weapon to give them that nitrus boost into the next generation of development.

Breaking down barriers with open source software

Automakers have begun to understand that if they are going to have a shot at beating Silicon Valley at their own game, then they are going to have to pool their resources and work smarter together.

One of the ways that they are already doing this is in their use of open source components. This software is written and maintained by the open source community and made available for reuse by others so long as they follow their licenses.

Open source components are essentially the building blocks of software, comprising between 60-80 percent of the code base in modern applications. These reusable components give developers a fast and free way to solve problems and add powerful features to their products without having to write new code themselves.

In hopes of making code sharing in the industry a reality, the majority of stakeholders — including Panasonic, Mazda, Mercedes-Benz, Honda, Toyota, and many more — have joined with The Linux Foundation’s Automotive Grade Linux (AGL) project.

The goal of the AGL initiative is to create a space, through the Unified Code Base (UCB), where developers can contribute to projects, which in turn will be available to developers at other companies. Through this code sharing, companies can speed up their development of products without having to reinvent the wheel.

Buckle up for working responsibly with open source

Gaining access to high quality and free software has a great appeal for companies who are building these new products for the automotive industry. However, there are a couple of important rules of the road that they need to keep in mind.

First is making sure that they have security checks in place. The automotive industry has increased sensitivity when it comes to making sure that drivers are not put at risk by hackers breaching their way in through applications.

When coding with open source, developers need to ensure that they are not using components with known vulnerabilities. These are flaws in the code which have been reported and published by community members on a range of security databases and resources so that developers can know to fix their products if they are affected. However, hackers also have access to this information and can exploit organizations who have been too slow to patch.

In order to build secure products, developers need to use tools that identify which open source components they have in their environment, and prevent the use of components that have associated vulnerabilities. Catching these issues earlier in the software development lifecycle is a lot less expensive than when a product needs to be reconfigured later as they near release.

Next, they need to continuously monitor the security advisories and databases for newly uncovered vulnerabilities, receiving alerts when the components they are using are found to be impacted.

If automakers are going to successfully utilize open source components, they are going to have to play by the rules. Tesla took some considerable flack for not complying with the licenses for some of their software which required them to open source their code which made use of certain components.

They recently made the move to release some of their code to the community, possibly recognizing that even companies that want to move fast and break things need to give back.

Navigating the road ahead

Infotainment systems may sound like a minor convenience, a nice addition to that new car smell, but from a driver’s perspective, the demand is clear that their vehicle offer a full experience, keeping them connected in style.

For developers, finding new ways to work more efficiently by embracing the open source model is essential if they hope to scale up their capacity to build not only products for the infotainment space, but other aspects of the connected/autonomous vehicles of the near future.